Re: [PATCH] setup: support GIT_IGNORE_INSECURE_OWNER environment variable

[Junio C Hamano <gitster@pobox.com>]

Phillip Wood <phillip.wood123@gmail.com> writes:

> To expand an this a little - a couple of times I've wanted to checkout
> a bare repository that is owned by a different user. It is a pain to
> have to add a new config setting just for a one-off checkout. Being
> able to adjust the config on the command line would be very useful in
> that case.

True.  As long as it is deemed safe to honor the one-off "git -c
safe.directory=..." from the command line, for the purpose of this
"I who am running this 'git' process hereby declare that I trust
this and that repository", I think it would be the best solution
for the "git daemon" use case.

And it is much better than adding a one-off environment variable.
After all, if your "git daemon" user does not have a $HOME set in
its /etc/passwd entry, you cannot set such an environment variable
in $HOME/.profile so somewhere in your "git daemon" invocation would
have to be tweaked to have code snippet that sets and exports it
*anyway*.  You can tweak the "git" invocation to add the command
line tweak "-c safe.directory=..." at the place you would have set
and exported the variable, and using the well understood "git -c
var=val" mechanism would be more appropriate.

>> Or you could set $HOME to a suitable directory when running "git
> ...
> The advantage of this approach is that there are no changes needed to
> git, instead of setting GIT_IGNORE_INSECURE_OWNER one sets HOME to
> point to a suitable config file. I found this useful when I was
> debugging the issues with git-daemon earlier[1]

Yup, that sounds like a workable approach, if "git -c var=val"
approach turns out to be inappropriate for security purposes
for whatever reason.

Thanks.